CVE-2023-23518
Summary
| CVE | CVE-2023-23518 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-02-27 20:15:00 UTC |
| Updated | 2023-07-27 04:15:00 UTC |
| Description | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Ipados | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Operating System | Apple | Macos | All | All | All | All |
| Application | Apple | Safari | All | All | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of macOS Monterey 12.6.3 - Apple Support | MISC | support.apple.com | |
| About the security content of macOS Big Sur 11.7.3 - Apple Support | MISC | support.apple.com | |
| About the security content of watchOS 9.3 - Apple Support | MISC | support.apple.com | |
| WebKitGTK+: Multiple Vulnerabilities (GLSA 202305-32) — Gentoo security | GENTOO | security.gentoo.org | |
| About the security content of macOS Ventura 13.2 - Apple Support | MISC | support.apple.com | |
| About the security content of Safari 16.3 - Apple Support | MISC | support.apple.com | |
| About the security content of iOS 16.3 and iPadOS 16.3 - Apple Support | MISC | support.apple.com | |
| About the security content of tvOS 16.3 - Apple Support | MISC | support.apple.com | |
| About the security content of Safari 16.3 - Apple Support | MISC | support.apple.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160629 Oracle Enterprise Linux Security Update for webkit2gtk3 (ELSA-2023-2256)
- 160691 Oracle Enterprise Linux Security Update for webkit2gtk3 (ELSA-2023-2834)
- 181540 Debian Security Update for webkit2gtk (DLA 3308-1)
- 181542 Debian Security Update for webkit2gtk (DSA 5340-1)
- 181543 Debian Security Update for wpewebkit (DSA 5341-1)
- 184100 Debian Security Update for webkit2gtkwpewebkit (CVE-2023-23518)
- 199171 Ubuntu Security Notification for WebKitGTK Vulnerabilities (USN-5867-1)
- 241472 Red Hat Update for webkit2gtk3 (RHSA-2023:2256)
- 241497 Red Hat Update for webkit2gtk3 (RHSA-2023:2834)
- 283686 Fedora Security Update for webkitgtk (FEDORA-2023-5210df1dd1)
- 283729 Fedora Security Update for webkit2gtk3 (FEDORA-2023-efe0594c2b)
- 355438 Amazon Linux Security Advisory for webkitgtk4 : ALAS2-2023-2088
- 377925 Apple Safari Multiple Vulnerabilities (HT213600)
- 377926 Apple macOS Big Sur 11.7.3 Not Installed (HT213603)
- 377927 Apple macOS Ventura 13.2 Not Installed (HT213605)
- 377928 Apple macOS Monterey 12.6.3 Not Installed (HT213604)
- 610460 Apple iOS 16.3 and iPadOS 16.3 Security Update Missing (HT213606)
- 710737 Gentoo Linux WebKitGTK+ Multiple Vulnerabilities (GLSA 202305-32)
- 753676 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:0397-1)
- 753782 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:0490-1)
- 753793 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:0573-1)
- 753870 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:1681-1)
- 941009 AlmaLinux Security Update for webkit2gtk3 (ALSA-2023:2256)
- 941078 AlmaLinux Security Update for webkit2gtk3 (ALSA-2023:2834)